HackTheBox - MonitorsTwo

00:00 - Intro
01:02 - Start of nmap
01:50 - Discovering Cacti version and finding a vulnerability
03:50 - Sending the payload from the description, discovering we need to set the X-FORWARDED-FOR
05:00 - Incrementing Host_ID and Local_Data_Ids and discovering different output
06:15 - Discovering with local_data_ids set to 6 and host_id set to 1, we can get code execution
06:50 - Showing the python exploit and showing it blindly spray, looking at the Metasploit module for some more info …

cacti hackthebox nmap payload start version vulnerability